<?php
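/**
 * User model: restores the current account from session/cookie data and
 * handles login and logout.
 *
 * All lookups go through _find_account(), which passes values to the database
 * layer as query bindings instead of concatenating them into the SQL text.
 * The input filter xss_clean() targets HTML/script content; it does not escape
 * SQL, so it must not be relied on as protection for a query.
 *
 * NOTE(review): the points below are left unchanged here because fixing them
 * needs a data migration or changes outside this class:
 *  - Passwords are compared as unsalted md5() digests. Moving to
 *    password_hash()/password_verify() requires re-hashing stored passwords.
 *  - The stored digest is written to the "user_password" cookie and accepted
 *    back by get_cached_data() as proof of identity, so the digest works as a
 *    password-equivalent credential. A random, server-side, revocable token
 *    would avoid exposing it.
 *  - Cookies are set without the HttpOnly/Secure flags or an explicit path.
 *  - The session id is not regenerated after a successful login.
 */
class MUser extends Model
{
    // Row (user columns joined with the highest-priority group) of the
    // authenticated account; stays unset while nobody is authenticated.
    var $detail;
    
    /**
     * PHP 4-style constructor: initialises the parent Model and immediately
     * tries to restore an authenticated user from session or cookie data.
     */
    function MUser()
    {
        parent::Model();
        $this->get_cached_data();
    }
    
    /**
     * Restores $this->detail from the credentials kept in the session or,
     * failing that, in the cookies. Does nothing when either value is missing,
     * malformed, or does not match an account.
     *
     * Cookie values are attacker-controlled, so both values are validated and
     * then bound, never interpolated into the statement.
     */
    function get_cached_data()
    {
        $user_id = $this->_stored_credential("user_id");
        $user_password = $this->_stored_credential("user_password");
        if(empty($user_id) || empty($user_password)) return;
        // The id was previously placed unquoted in the query, so it can only
        // ever have been numeric; anything else is rejected outright.
        if(!preg_match('/^[0-9]+$/', $user_id)) return;
        $row = $this->_find_account(
            db_table_user.".id = ? AND ".db_table_user.".password = ?",
            array($user_id, $user_password)
        );
        if($row !== FALSE) $this->_remember($row);
    }
    
    /**
     * Authenticates a user by username and clear-text password.
     *
     * @param string $username
     * @param string $password clear-text password; compared as md5($password)
     * @return object|bool the account row on success, FALSE otherwise
     */
    function login($username, $password)
    {
        if(empty($username) || empty($password)) return FALSE;
        // Arrays/objects (e.g. from "username[]=" form fields) cannot be valid
        // credentials and would otherwise reach md5() and the query layer.
        if(!is_scalar($username) || !is_scalar($password)) return FALSE;
        // NOTE(review): xss_clean() is kept on the username only so the lookup
        // matches the same value as before this change; it is not what makes
        // the query safe - the binding is. Confirm whether usernames are stored
        // through the same filter before removing it.
        $row = $this->_find_account(
            db_table_user.".username = ? AND ".db_table_user.".password = ?",
            array((string) $this->input->xss_clean((string) $username), md5((string) $password))
        );
        if($row === FALSE) return FALSE;
        $this->_remember($row);
        return $this->detail;
    }
    
    /**
     * Clears the stored credentials from the session and the cookies.
     * Does not reset $this->detail for the current request.
     */
    function logout()
    {
        $_SESSION["user_id"] = "";
        $_SESSION["user_password"] = "";
        // An empty value asks the browser to delete the cookie.
        setcookie("user_id","");
        setcookie("user_password","");
    }
    
    /**
     * Reads one stored credential, preferring the session over the cookie.
     *
     * @param string $key "user_id" or "user_password"
     * @return string|int the value as a string, or 0 when absent or not scalar
     */
    function _stored_credential($key)
    {
        if(!empty($_SESSION[$key])) $value = $_SESSION[$key];
        elseif(!empty($_COOKIE[$key])) $value = $_COOKIE[$key];
        else return 0;
        // A cookie named "user_id[x]" arrives as an array; treat it as absent.
        return is_scalar($value) ? (string) $value : 0;
    }
    
    /**
     * Runs the shared account/group lookup with a caller-supplied condition.
     *
     * @param string $where    condition built only from table constants and
     *                         "?" placeholders - never from request data
     * @param array  $bindings values for the placeholders, in order
     * @return object|bool the first matching row, or FALSE when none matches
     */
    function _find_account($where, $bindings)
    {
        $sql = "
            SELECT 
                ".db_table_user.".id AS user_id,
                ".db_table_user.".username,
                ".db_table_user.".password,
                ".db_table_user.".email,
                ".db_table_user.".fullname,
                ".db_table_user.".uploaded,
                ".db_table_user.".downloaded,
                ".db_table_user.".credit,
                ".db_table_user.".editable,
                ".db_table_user.".joined,
                ".db_table_user.".last_access,
                ".db_table_group.".id AS group_id,
                ".db_table_group.".name,
                ".db_table_group.".write_product,
                ".db_table_group.".read_product,
                ".db_table_group.".write_user,
                ".db_table_group.".read_user,
                ".db_table_group.".write_group,
                ".db_table_group.".read_group,
                ".db_table_group.".write_file,
                ".db_table_group.".read_file,
                ".db_table_group.".write_category,
                ".db_table_group.".read_category,
                ".db_table_group.".write_credit,
                ".db_table_group.".read_credit,
                ".db_table_group.".system
            FROM ".db_table_user."
            JOIN ".db_relation_group_user." 
                ON ".db_relation_group_user.".user_id = ".db_table_user.".id
            JOIN ".db_table_group." 
                ON ".db_table_group.".id = ".db_relation_group_user.".group_id
            WHERE 
                ".$where."
            ORDER BY ".db_relation_group_user.".priority
            LIMIT 1
        ";
        // NOTE(review): relies on the database driver accepting an array of
        // bindings as the second argument of query() and escaping each value;
        // confirm the installed framework version supports this.
        $query = $this->db->query($sql, $bindings);
        // query() may hand back a non-object when the statement fails.
        if(!is_object($query) || !$query->num_rows) return FALSE;
        return $query->row();
    }
    
    /**
     * Records an authenticated account in $this->detail, the session and the
     * cookies so that get_cached_data() can restore it on later requests.
     *
     * @param object $row row returned by _find_account()
     */
    function _remember($row)
    {
        $this->detail = $row;
        $_SESSION["user_id"] = $this->detail->user_id;
        $_SESSION["user_password"] = $this->detail->password;
        // NOTE(review): see the class comment - this sends the stored password
        // digest to the browser in a cookie without HttpOnly/Secure.
        setcookie("user_id",$this->detail->user_id);
        setcookie("user_password",$this->detail->password);
    }
}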